From dfb7afe67e847939aebaebbd1e302887e2f5f8f1 Mon Sep 17 00:00:00 2001
From: Gilles Peskine <Gilles.Peskine@arm.com>
Date: Wed, 24 Apr 2024 16:20:52 +0200
Subject: [PATCH] Cleartext RSA keys: also make DER formats available

We can use DER keys in builds without PEM, so it's good to have them around.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
---
 tests/data_files/Makefile                 |  23 +++++++++++++++-------
 tests/data_files/rsa_pkcs1_1024_clear.der | Bin 0 -> 634 bytes
 tests/data_files/rsa_pkcs1_2048_clear.der | Bin 0 -> 1218 bytes
 tests/data_files/rsa_pkcs1_4096_clear.der | Bin 0 -> 2374 bytes
 4 files changed, 16 insertions(+), 7 deletions(-)
 create mode 100644 tests/data_files/rsa_pkcs1_1024_clear.der
 create mode 100644 tests/data_files/rsa_pkcs1_2048_clear.der
 create mode 100644 tests/data_files/rsa_pkcs1_4096_clear.der

diff --git a/tests/data_files/Makefile b/tests/data_files/Makefile
index 01d2379d1e..1fefc48fbb 100644
--- a/tests/data_files/Makefile
+++ b/tests/data_files/Makefile
@@ -710,13 +710,21 @@ keys_rsa_pkcs8_pwd = PolarSSLTest
 ### all other encrypted RSA keys are derived.
 rsa_pkcs1_1024_clear.pem:
 	$(OPENSSL) genrsa -out $@ 1024
-all_final += rsa_pkcs1_1024_clear.pem
+keys_rsa_base += rsa_pkcs1_1024_clear.pem
 rsa_pkcs1_2048_clear.pem:
 	$(OPENSSL) genrsa -out $@ 2048
-all_final += rsa_pkcs1_2048_clear.pem
+keys_rsa_base += rsa_pkcs1_2048_clear.pem
 rsa_pkcs1_4096_clear.pem:
 	$(OPENSSL) genrsa -out $@ 4096
-all_final += rsa_pkcs1_4096_clear.pem
+keys_rsa_base += rsa_pkcs1_4096_clear.pem
+
+all_final += $(keys_rsa_base)
+
+### PKCS1-encoded, plaintext RSA keys in derived forms
+
+rsa_pkcs1_%.der: rsa_pkcs1_%.pem
+	$(OPENSSL) rsa -inform PEM -in $< -outform DER -out $@
+all_final += $(keys_rsa_base:.pem=.der)
 
 ###
 ### PKCS1-encoded, encrypted RSA keys
@@ -1170,8 +1178,8 @@ keys_rsa_enc_pkcs8_v2_4096_sha512: keys_rsa_enc_pkcs8_v2_4096_3des_sha512 keys_r
 ### Rules to generate all RSA keys from a particular class
 ###
 
-### Generate basic unencrypted RSA keys
-keys_rsa_unenc: rsa_pkcs1_1024_clear.pem rsa_pkcs1_2048_clear.pem rsa_pkcs1_4096_clear.pem
+### Generate cleartext RSA keys in derived formats
+keys_rsa_cleartext: $(keys_rsa_base) $(keys_rsa_base:.pem=.der)
 
 ### Generate PKCS1-encoded encrypted RSA keys
 keys_rsa_enc_basic: keys_rsa_enc_basic_1024 keys_rsa_enc_basic_2048 keys_rsa_enc_basic_4096
@@ -1183,7 +1191,8 @@ keys_rsa_enc_pkcs8_v1: keys_rsa_enc_pkcs8_v1_1024 keys_rsa_enc_pkcs8_v1_2048 key
 keys_rsa_enc_pkcs8_v2: keys_rsa_enc_pkcs8_v2_1024 keys_rsa_enc_pkcs8_v2_2048 keys_rsa_enc_pkcs8_v2_4096 keys_rsa_enc_pkcs8_v2_1024_sha224 keys_rsa_enc_pkcs8_v2_2048_sha224 keys_rsa_enc_pkcs8_v2_4096_sha224 keys_rsa_enc_pkcs8_v2_1024_sha256 keys_rsa_enc_pkcs8_v2_2048_sha256 keys_rsa_enc_pkcs8_v2_4096_sha256 keys_rsa_enc_pkcs8_v2_1024_sha384 keys_rsa_enc_pkcs8_v2_2048_sha384 keys_rsa_enc_pkcs8_v2_4096_sha384 keys_rsa_enc_pkcs8_v2_1024_sha512 keys_rsa_enc_pkcs8_v2_2048_sha512 keys_rsa_enc_pkcs8_v2_4096_sha512
 
 ### Generate all RSA keys
-keys_rsa_all: keys_rsa_unenc keys_rsa_enc_basic keys_rsa_enc_pkcs8_v1 keys_rsa_enc_pkcs8_v2
+keys_rsa_all: keys_rsa_base keys_rsa_cleartext
+keys_rsa_all: keys_rsa_enc_basic keys_rsa_enc_pkcs8_v1 keys_rsa_enc_pkcs8_v2
 
 ################################################################
 #### Generate various EC keys
@@ -2177,7 +2186,7 @@ all: $(all_intermediate) $(all_final)
 
 .PHONY: default all_final all
 .PHONY: keys_rsa_all
-.PHONY: keys_rsa_unenc keys_rsa_enc_basic
+.PHONY: keys_rsa_enc_basic
 .PHONY: keys_rsa_enc_pkcs8_v1 keys_rsa_enc_pkcs8_v2
 .PHONY: keys_rsa_enc_basic_1024 keys_rsa_enc_basic_2048 keys_rsa_enc_basic_4096
 .PHONY: keys_rsa_enc_pkcs8_v1_1024 keys_rsa_enc_pkcs8_v2_1024
diff --git a/tests/data_files/rsa_pkcs1_1024_clear.der b/tests/data_files/rsa_pkcs1_1024_clear.der
new file mode 100644
index 0000000000000000000000000000000000000000..8dfb09fb8407c69ab2501c2b5738b754aa594704
GIT binary patch
literal 634
zcmV-=0)_oBf&z8|0RS)!1_>&LNQU<f0RaI800e>pU@(FLTmk_A0)c@5$2gM3!}M?v
z2y6HgHSF^N9Ev3mm4Y@NsvedSRT`}Ldv!Ala91;&*_H84Ohh-xzQmwE<YYY4^T`53
zJ;Qukj(MsHgsy@UHwwRnX}u~nVr;Sg<gDOAvO#=%<eeuJn=A)wjzc{^Y<4<EnjCNq
zC7rwo$3Xnp0ykp+ee3)!0s{d60Rn-60KLDrq#x+;*Mxof(W+V=b{~zvkl;}sWdxaz
zOtidgrCUjyt+#oH5={6I))U_$*40FaadLvXp%NgGL?lkmVBwBa)yix^T>puB{xNx8
zX1)E7&I}Gm!xMF}XmsR=>fc+2kg}&j=keq-8GCM8!TM^lY{-&*Corqc;yCii%>qFH
z`d9`?^Kw{rRufF!w>j?`m{=(DE)7J+&TU{#ohW+Fs*b)61KPvf)W#iEwG~q8>v>*I
zDvI*MlDL;{A*+_-0zm-FxZ7SW$`E_oKyEC4?+;0WDk^giM+CSBU)<3imvWiLal_yO
zzQyQ-d{C^k$T_&cjV?r?8Z#N^GhalCv3;)sKr&-nNPVxXJdRMVEe1a$@IP;-He)l2
ze^qx-W$xDj`0V|3C6EIRUpjbk*%@r4R^oJcRn=TbMza=jY*}2FF9JX}tt!snX2k%6
zm}Eod;Q-~29AyKO9!{*--y0)O;07Z8xFXj(2-aW7t&IZKS&n4x!shKfwnJA1_vJ=^
zJt*S>KnwyF2HC0K)eKyonyd_D1?l;XN4#g5BT8%D@JY<=);jVU(5ECPzjsnJx*{mw
UpDewlX^JGbN)X4t0@RTXEm)x;3jhEB

literal 0
HcmV?d00001

diff --git a/tests/data_files/rsa_pkcs1_2048_clear.der b/tests/data_files/rsa_pkcs1_2048_clear.der
new file mode 100644
index 0000000000000000000000000000000000000000..137395e2a392d435aceb82d0983ab9ff9af5757d
GIT binary patch
literal 1218
zcmV;z1U>sOf&{(-0RS)!1_>&LNQU<f0RaI800e>rs4#*Aqyhl|0)hbn0H{@G`LduK
zG{zN<kW+4c9#IeOnnOe__R<qiv)yT~E){0D%Y@+g{NC&Wg_C9?4j3vqq@Rw?(YqK8
zf#%S?{mGq3-xL9Kd|>W9`^IWFh&?+Vs`pVi*&4Y6)`Buh`@(Kmn|BKJ)<#@)THy;3
zIoarFf~mW88*VlZu4EEje8iDBm%zlxv3&eV$y!B&VIJA<=puk3ZEQ^b8r*D#cr3wN
zjWd#ST!A`=qoQ{dyfpwrSc#+rd3uvO8n-Z2rqFZ+ppdvA(D~sQfJ7=g`l4R>s*D)?
z2qQEET@nygR|ei&)bdp_O!{7dhW0y*-A1s4>|m(`7q#EBW+lc<wE_bH009Dm0RS0%
zB&)X(YIDl*gpKhtuRvqLXS`1)$yTo8VUxF)!dVl*V};yqI|Kc*`Gv!k7~aig$0%1v
z#iSPzLn=Xuq}l;yAe=R6D*KVCKouA(2$4m@=a#mv!%mAYE0>f?jPs<j6ci<Av1Dm(
zq7BM8WVt_fVk|ZaJ!X@>_ht*6gf5z{X9123!=RO|u6UAw<}G?FCpet~ji=L2eJe;*
zP{<+TjX@HANcn@=I!S;^!&HZ?+na8!$*6&yPCL2g1poh$JS5LdjvhP_x$<$YL}!~C
zmrk40j@*Hurq48(0OwUgH$gbu!3kK_ksfIdg)#n?rThg;J1h^Sl9ll&R2c$+fdJC<
zLM-dshAAItpr-;xfnr!^YfwnvXb)?To4_KjrJ^<}UG7E`(<C2=`TW*iGuaNV39{te
z94b%PN?!&o<+XXEnqoWSVEBh^0>9Z$Sc^yseRUjn5NTdCP2G#5-i`6}v%%Oa(ZT$E
zThkF{nTbOgrKj?w(jIaC)G)}qqLTuFfdI@$Pka3GOmzrSmI&bKL;NqM2yu=YaP3rX
zQ6K}&IwkH7$VLV0P=Dd33g0|NG5H%l5iaH-IRXkfyG%zrAP>bG#2OK{Y!d?3m;LYS
zW+l3iNGX>9J7r({pa9MUN}+$2Gr74yv^`Zz+{0eJnV~m{R%Ucm$x2-JcftwT_?H5K
zfM8(+Qth`e23@&1oYUt{d6pJA>qbBOl>hl|nM=PbA%97~{Cd0B{c8gA<JL6S&sA%p
zHos)(;ZyZzl^%zksae;nQ!+JTI%)MD3UtU(mEh(Y2Zd+Ial3wg47eS*GIiGM!KHWa
zuZJP#@A<_%WPj<I%dd(m4T{@%Dv7ILO#*>|0G8MZpPKh5@;b#4Iaw>GA}{4Y(&>gM
z;di-4dWV!EUL)QTk#dQH77Kt|0^v1GZIEhGvH1y$SujV{K+I60szP}1WB0UYHQJ!B
z_qr5shiI;5J0IWi{5RH39*Y93L3uxB&b&88VGR9A^^%_0KQ0Yo8KKF7B0*>qtlKSf
z-2#Du0L9c-e+Hz2C=J##PqzjB%)5zr&?2VJF=<p_3rzwnaq&2jNV1uE+6=XxYOn@&
zA*oof{aUWSgb=<gv=>86+>nIx+`Ws3k_iTktU1k*_}zgW)UQ@sVz6GwZNnS0F(2}~
gZQJH(unKUZ;^V5;|NmZV@F&WNLW4zvPu$>5*v6|p)Bpeg

literal 0
HcmV?d00001

diff --git a/tests/data_files/rsa_pkcs1_4096_clear.der b/tests/data_files/rsa_pkcs1_4096_clear.der
new file mode 100644
index 0000000000000000000000000000000000000000..c65a2325b5363ff811ae440b3924e246e0efc7de
GIT binary patch
literal 2374
zcmV-M3Ay$#f(b$b0RS)!1_>&LNQU<f0RaI800e>wEHHuzC;|Zh0)heo0M3Kwsfd5<
zM8=uZR&mVg?{QZ9;onMaPj%vIi`8Xm0q>iH*@ivIWD0kS55vg;Vkk65!s!ccx)!Yt
zZ5nwj5^IZDh@zdKrvjBrsth-ByuwTx4qk+C%0FfkvOEuCa*P}rlk_*5cIpC)ja1u2
z*<dOMF$Xk&Z@IlexQJo&%<4f{f#D%b%Hy+rBj33dj?@0plPM^PfV87sl4Iw<Ed6#o
z#Hzx?uFW;tJk<ds-V$>LPA~^NdoJUmWePrV8AJquz$01<<5;hhWk-Tf+8U_NX0)BW
z=XCrJb%u7Ei<zA~&--RQ6|?qkv{(v58$9W!w@5Y$ID>Z$Nzp;u6+ccnRnwSOD;n>?
zlwIs!wxlmVCHsLEL*CkOWHy3><kt#fYK%n!=-IF#mKi5RSVKB2Nto!G|Jlr!;7M@f
z<U1}rX$=#4jm^*&i=yjh<SME&sQW(GE4|+H-tc5cAbdj1)Y{&F>=T0(U*_m@@R-+W
z%J$&o20Cyrg8ckcMM%KgswHI#d@7L!VSej#fIhe&%(Mq#VQ%)1GwrrGK?hVu_J*&<
zZq734qtHKvZ6RmAQn6vsRR~8+TF7b46XxZ_J&(uQ3EZkl*ntN2>2b7m-Y+~kjsUsy
zi#WhibMYO6FZk@$*3DidkY;mEYV8Ty%Jc6Hmllm_xNKPUO9BG{009Dm0sv|J@{wfM
z+K08V&hRI>w!Ny_tgTS*9>~x{qR=09OMOk=@Ib$h$YV;U?YruXr{o)?Fv#iH4?O%-
zR{9acET&6=nlkX(n@{_gY1`c=JOH|DT38d5KU&>P<3R6dDsJeHr|4BjkVFM{#_fY9
zf#6zYSBZxlAL_SN^?Tx~`+JL`d+juU<tRMTs-P9SB;ZHa81g{|Xak`!(%nVg^cQ0S
zBG3SzvsceV8$4@CiGldg1?6n&+0>HF3siOdbO|<!WtkbvrW{Ey+of9^`y_$bFAgyl
zUz8rp8khsAt<31k^&$N6jM^=sg;A4vxYa7&^iQ#b;+y=0#!@3rd_*tjO#$LGk(4PN
zlDr#?hizmuSrSHfz2(G(5`B1;<MRnNFZ87M#FAEeO*m9!jk=0&P{ka^4;YA(k{>UM
zJ&;|=UD(Yv-|L&Lq5j`#LDu_H^~TLjk&xeN{qwAKaeJSPVr&akGcbcnbTA-3Y$ILZ
zBO3@}lF#cMaqvtwv;HIF6<^3Ze@_Ue0sx&A0a>{2NQiS)pbDDqV4MJv`A}DF7DR6j
z8)WzLCCpz}q;G+LtMHbEF#ORR&NeeNxXJ=~b$yaTflYdH-jzeFtVdwiM>AseQsRMP
zSVS-WuY>P7GxSUzMTy>wwD1~{y?<aM_UAY|U7S%{S^!lpC)omm0RaH?F|EsXONW4K
zxD=6^Mqe8wic58<{pIqlj^w}3`uIxw45|jr#alV#F$5g&B*-kW88JyZPD$r$X@EfT
zX8aRW_htLDOJ|KeBMovdZjotw#U>Oc9s!~Wm8n3`J=;=p1YK%-PySSeNpVshgm1O&
znt3z&VNx(_sn{SX(~I$S)9;G}lg9-$gIn;`j()SDUKR#Z3(p?{++ZkNGY{X#i8tmY
zchD)GRNq$rvc#c@q?Cfox5I)u`n6LGe8gp&(2364orD1u6&P30cF|&cl>YY+AIW6&
z)&mKSd;82<&Bs4A)-8pQ4RsYxUqcmHSaC+NtU^#xD8Ax#%mfz#f&l>l*ni^IujpNH
zEGO~Z2&G`*jom11*SgTnB;oMwM9(<~PFBAQ1E^xR;QG!)WiKIxV{MnJTp01Ew3TUN
z`OtuE_n&l%4MPR<{H+Dnhx7CxoT#utamw$Y9)2yR{Yp;Q5<E%*-yQ#@7n5I3NTNl@
z8UM3v@KVx<m+c^ss#_?rX+ksf)E+q+7BL?D15SPDb}Ma_p>WYyrJkVM<_f0S_?%h`
zb>!A)*R3hv=kzj=uIc^mn9UwWlI*>lW*%iwn<NHD<dYAOB`|fsCN*e0{^HBQ4xYFM
zoR}Eu;T23mzuFdbsfMakTF<@Z(kJ*lvh6IQMytT7P7An~YtOXp0)hbmX77?6R8C%A
zDhfQ&Yrz6iM8fYdH~wETKPw*&Bs1LlZhclJ>=LJQ?bjo&w<Ibhe7Wo9yk|%Y|6xa|
z83lxR`L-AhQ}q)+oM-Go7x8)Khd=?}IC?3f4tzomiaDtKMhC?KAKnIy#%aM7CcGH~
z4VSV*(B-*lqu9c{JSA$jY(CtXGh)BsSU`C{Iwpw@Ta|a8PTq-rzYF@5$k^3(HGGIo
z!MTyl8EhGWXygd9H+*9T2d(`ACa#P`=iI18RJ%cZD))acot=2sdycx0(;I1~=j$F&
zDoqrYu(Mv@GvCgCyvP0oaYowq5=CLx+ylleP_-6!7~dW!1QYHZ0)hbn0Ha>5pYM^{
zpn%bfvyF(ZIL1P9^`L6{kuw>@B4=PP+L46l7`db23VfXf^_ra=AbHILJFL&G+bwJ9
z;bm*C-b|Bd@0;FDskN*k(WW`FsKHK=;&7?}bj3~8$wMtgoyzp@tcMLQ5;$HS_XXTt
z=SF!ezB2=CmtuXdt2)9PO!V&FA`8aav=X-Rc%4osxVa-hNIy`}$f5za#P}>_hw2ca
z>M#a`y$rKJ{1YCu;dK0AfFP0h9IaL~CdTl5=X{Ecs>hQll}=jeARILW`LZPzI1+v~
z!`6EDqLxDH4;+%mi#0jNVXF^BZyrp?2bRTNe*N(=D-jpVEr?HUX##=)01>Hqzju*|
zGjAs_kePSF%7Q$G@{oKnSXx}r9q{7l89)UXw~-<y(!z+UL8>{v>-|P{|8oG8=X9yc
zJ?1#x1fxw|&ur$|-G0~cOMoNXiPb!t83LxNQ}Zz;Vg$nO(3Xy1ESjG{f=QJO2g7Og
zbcT}r4R!&&k34FRrSD_x{el?xefUB0jyF&BPa#Nnox%qnr$SDKj93iMSO&mofg1uj
z@6MrxPK4sD5zvC<y;GZJtxRCS*O?J=t?@xMkMWg?uqT3ZVj^guc}LAsS}&U0_6VDR
slN|FzN>w$~6jpvdQgaPyqU`ch{=Hg@(ul!CV|RIx5U%oK;ISJBH`ok<_W%F@

literal 0
HcmV?d00001